Cisco 2811 Router - Dual WAN?

I have inherited a Cisco 2811 at a new client and it has the two built in Ethernet ports plus a 4ESW module. Can that module be used to do a dual WAN? If not, what module might I need if the 2811 even supports dual WAN? Thanks!

2811 routers can handled a dual-homed set-up. the next question would be is that what kind of WAN services will you be having? Depending on the kind of WAN service, it will dictate the kind of interface you will be having for the WAN connection. another question will be is that for what purpose are needing dual WAN connection, is it for fail-over set-up redundancy set-up or will you be needing load-balancing as well? if you can give more details, be glad to help you on this :-)

Router is not currently in use, it was decommissioned from a T1. Currently using a *gasp* Linksys SOHO. Two DSL connections coming in for an external app that needs as much uptime as possible. Would like the incoming on both DSL links to point to the same server on the same port. So if something hits WAN1 IP on port 80 it goes to internal server 10.10.10.10 and if something hits WAN2 IP on port 80 it also goes to internal server 10.10.10.10. A bonus would be load balancing/failover for internal people to get out to the internet.

1. having a DSL connection, you won't be able to handle load balancing. load balancing would be avaible if you had your own AS and you lease you own private IP address space and for this you should be running BGP as your routing protocol. with regards to a DSL connection, usually this would only involve a static route towards your ISP.

2. you mentioned port 80 as an example, now i would just like to ask, would this be a web server that needs to be up and available outside? and if so is the URL registered to a public DNS, hence if that is the case you have to have both public IP (WAN1 IP and WAN2 IP) registered to a DNS server. can you specify further what type of internal application is being accessed and by whom (same company users vs the world).

3. since you are using a DSL service, to use the 2811 router you inherited, you would need an ADSL WAN interface card/ WIC

the 4ESW module you currently have is an EtherSwitch Module (ESW) and by that it is mainly used to add switching ports to the router and you realy cant used that to connect both of the DSL conenctions.

Lastly, I know I ask a lot of questions answering your question but it is just so as i could get a better idea of what your requirements would be.

What is your motivation to use the 2811 instead? in my opinion your better of buying a cheap (not necessarily cisco) firewall/router that can do load balancing+failover, i can suggest QNO if your really need/want to replace your existing router.

My first choice would be to go with a Cisco ASA 5505 with Security Plus so I could do dual WAN with that. I don't think I need a DSL card since I think the two different DSL modems give me ethernet. If I have Ethernet from the DSL modem(s) can I use a 2 port HWIC?

Client is convinced the 2811 is the best thing since sliced bread so until can say with the utmost certainty that it won't work for him and he needs to buy something else....I need to do my due diligence. I'm guessing he spent a lot of money on it when they had the T1 and hates to see it go to waste.

Is it safe to say that the 4ESW is designed for internal switch ports on the inside of the router?

Well 2811 supports dual wan for sure and load balancing too just by configuring too default routes with the same Administrative distance you are good, the router will load balance by flow. Now are you using an external modem for the ADSL or you are using a WIC card for the DSL??

yes the 4ESW is designed to add swithport (internal facing) to a router, since you have 2 DSL connection both those public IP WAN1 & WAN2 are on a different subnet.

yes cisco ASA 5505 is a good thing to go, as it would provide you with firewall capabilities as well, BUT at best you can only do a fail-over with the ASA and "not" load balance which would seems a waste of good bandwidth, there is a similar question here at EE see below.

at best using the 2811, you can apply a route-map to point one set of subnet within the internal network to the ISP1 and another subnet to ISP2, i'd be honest to you and say i'm not 100% for this even though i'm cisco certified but i guess that is possible (not sure because i haven't tried it before but very likely possible).

now considering the money that the company wishes to spend just buying the interface card for the 2811 or buying a new cisco ASA (which can do the load-balancing), thats why im proposing use specialized products that can provide you with the firewall capabilities + load balancing from Adtran or QNO, Adtran OS is very similar to cisco and is also an american manufacturer, QNO is China i think (what equipment is not made from China anyway? :-)

Correct? If so I'm money ahead with an ASA. Load balancing for traffic TO the internet is just a bonus. Failover is fine. I just need to make sure I have the ability to have dual incoming regardless of which link is utilized.

>Would like the incoming on both DSL links to point to the same server on the same port.
Ah, this is the challenge!
On Cisco kit, you cannot map the multiple IP's to the same internal host/port
However, you can add a second IP address to the server NIC, and map DSL1 public IP to server/80 and DSL2 public ip to server2/80
You really can't get load balancing, but you can easily get failover.

ISR is part of the router family, running IOS.
Routers were designed to route packets from dis-similiar interfaces (Etherent to serial/ATM/Token ring, etc) and to do it as effeciently as possible.
ASA was designed ground up, does not run IOS, to be a firewall. Period.
That's why it can only do backup/failover WAN and not run dual wans at the same time or a whole myriad of other advanced router functions that even the new 891 will do.
Cisco never has and never will do dual WAN's very well without BGP in IOS.
890 series are SOHO (Small Office/Home Office) that are extremely flexible, but still has nothing over the 2811 that is already on hand

Featured Post

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're looking for how to monitor bandwidth using netflow or packet s…